Contents tagged with GDPR
Having got past 25 May 2018, the day the GDPR came into effect, the flood of GDPR emails is beginning to diminish. But were all these emails necessary, and in particular, was it actually necessary to seek consent? In many cases it was not necessary to seek consent to “stay in touch”.
Under GDPR consent is one of 6 legal bases for processing data. In most cases, organisations will be able to rely on the “legitimate interests” ground to remain in contact with their contact list.
The recitals within the GDPR expressly say that processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest. Many businesses can therefore rely on the concept of ‘legitimate interest’ to justify processing … more
Are there aspects you still need assistance with? Have you even started your data audit? Don’t worry, we won’t tell anyone. SCE Solicitors can help you get up to speed.
The new data rules are a positive move which aims to put individuals in control over who holds their personal data, why and for how long.
Understand your obligations as a business owner and an employer
The course has been divided into two parts to provide benefit to both those who wish to receive an overview and for those who want to understand the impact for dealing with issues surrounding employees, workplaces and business issues.
The morning session will be run by Will Roebuck and will concentrate on cyber risk and how GDPR will impact all businesses and their … more
The principles relevant to the retention of employee data under the General Data Protection Regulation (“GDPR”), which comes into effect on 25th May 2018, do not differ greatly from those under the current data protection regime.
Under both the GDPR and the Data Protection Act 1998, personal data must be kept for no longer than is necessary for the purposes for which it is processed. However, the GDPR requires employers to be more transparent about their retention policies and includes additional rights for employees and greater penalties for non-compliance.
Right of portability
Data subjects will have the right to request that their personal data be provided to them (or a third party) in a machine readable portable format free of charge. Employers … more
On Tuesday 13th March SCE Solicitors, with guest speaker Will Roebuck from E_Radar, held a full day workshop at our offices in Leeds, to explain the GDPR obligations for Employers. The sell-out session was a huge success and received outstanding feedback.
From the completed surveys -
• 80% said that the seminar met their expectations and the other 20% said that their expectations were met over and beyond.
• When asked about the style and content of the speakers 60% said that it was good and the other 40% said that it was excellent.
• All the attendees said that the workshop was relevant to their needs, with 60% of them saying it was very relevant.
• All the attendees said that they would recommend the workshop to colleagues.
When asked what they … more
If you run a business, the GDPR will probably be on your radar by now. Although preparing for the new rules may seem like a daunting task, it doesn’t have to be.
When it’s introduced on 25 May 2018, the GDPR will apply to all UK businesses that handle personal data. As a result, every organisation that collects, processes or stores personal data should be taking steps now to ensure it can achieve compliance.
Here are our top 8 practical tips to get ready for the GDPR
1 - Understand your data
The GDPR requires you to give more information to individuals explaining how their data is used – you can only do this if you understand the reason why you collected and hold it in the first place
2 - Legitimate interest
If you rely on ‘legitimate interest& … more
The General Data Protection Regulations (“GDPR”) is a new set of European regulations that will overhaul existing Data Protection laws and come into force on 25th May 2018.
The regulations are going to have far reaching consequences for how business look after their personal data, and to enforce these new regulations GDPR will also allow for significant fines for companies who breach these new rules.
Recruiters especially should make sure that they are transparent when processing candidate data during hiring. They should also ensure candidates can exercise their rights under GDPR.
When sourcing CVs
When asking candidates to send in CVs, you’re asking for personal information. Whether this is via a job board, an employment website, or directly via an email, … more
Before General Data Protection Regulation (“GDPR”), carrying out criminal record checks on prospective employees was something many companies did as a matter of routine. But under the new GDPR, which is enforceable from 25th May 2018, background screening can only occur under very specific conditions.
Under these regulations only two types of organisations are permitted to process personal data relating to criminal convictions and offences. Namely:
If the processing is under the control of official authority; or
when it is authorised by law providing for appropriate safeguards for the rights and freedoms of data subjects.
The Data Protection Bill, published in September 2017, is designed to supplement GDPR and will authorise criminal … more
On Tuesday 13 March 2018 SCE Solicitors are holding a one day GDPR training course.
The course has been divided up into two parts to provide benefit to both those who wish to receive a quick overview and those who want to understand the impact for dealing with employee details.
The morning session will be run by Dai Davies, a technology lawyer and a well-known speaker, and will provide a general overview of GDPR and how it will impact all businesses. The afternoon session will be run by our Richard Newstead and will focus on the implications of employers.
Data Protection has recently undergone a fundamental reappraisal with the enactment of the new European Union GDPR. GDPR will come fully into force on 25 May 2018 and businesses which do not plan for it will be … more
The General Data Protection Regulation (the GDPR) is due to come into force on 25 May 2018, this is only a year away, which as we know will fly by. The GDPR was written to create a culture shift in how organisations handle personal data, non-compliance will result in greater penalties.
Overall the GDPR provides individuals with the right:
(a) to be informed;
(b) of access;
(c) to rectification;
(d) to erase;
(e) to restrict processing;
(f) to data protection;
(g) to object and
(h) not to be subject to automated decision making and profiling.
The GDPR is a complex piece of legislation, so to save you all trawling through it, I’ve picked eight issues which businesses should start considering:
1. Consenting … more